exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2012-0818

Status Candidate

Overview

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.

Related Files

Red Hat Security Advisory 2014-0372-01
Posted Apr 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0372-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.0.1 serves as a replacement for Red Hat JBoss BRMS 6.0.0, and includes bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-5245, CVE-2012-0818, CVE-2013-1624, CVE-2013-6468, CVE-2013-7285, CVE-2014-0002, CVE-2014-0003
SHA-256 | 577002c736b2df2c0050d3e19a92808a039cee26aa4b4c483da50f9877b40914
Red Hat Security Advisory 2014-0371-01
Posted Apr 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0371-01 - Red Hat JBoss BPM Suite is a business rules management system for the management, storage, creation, modification, and deployment of JBoss rules. This release of Red Hat JBoss BPM Suite 6.0.1 serves as a replacement for Red Hat JBoss BPM Suite 6.0.0, and includes bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-5245, CVE-2012-0818, CVE-2013-1624, CVE-2013-6468, CVE-2013-7285, CVE-2014-0002, CVE-2014-0003
SHA-256 | 99885327df8a85809381376bd6e2bb53cdb5341de4df4c673c82671d34d1a452
Red Hat Security Advisory 2013-1263-01
Posted Sep 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1263-01 - Red Hat Storage Console is a powerful and simple web based Graphical User Interface for managing a Red Hat Storage 2.1 environment. This feature is provided as a Technology Preview, and is currently not supported under Red Hat Storage subscription services.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2012-0818
SHA-256 | c957fc6e28d6f5410a47239edc8db138720f483a00f1d5ba548d3897fb5d1e89
Red Hat Security Advisory 2012-1125-01
Posted Jul 31, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1125-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. This release of JBoss Enterprise SOA Platform 5.3.0 serves as a replacement for JBoss Enterprise SOA Platform 5.2.0. It includes various bug fixes and enhancements which are detailed in the JBoss Enterprise SOA Platform 5.3.0 Release Notes.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-3506, CVE-2011-3517, CVE-2011-4605, CVE-2011-4838, CVE-2012-0079, CVE-2012-0818, CVE-2012-2377
SHA-256 | b8d763d67a55bbd9739b6389ec7a18b563c208224d53204c1a9cca5f0d61037e
Red Hat Security Advisory 2012-1057-01
Posted Jul 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1057-01 - RESTEasy provides various frameworks to help you build RESTful web services and RESTful Java applications. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, java, remote, web, xxe
systems | linux, redhat
advisories | CVE-2012-0818
SHA-256 | 5cfe82490f9e0d9ea42e665a6f4f6f6991026f15dc3ddf2d39550a062b1c56c5
Red Hat Security Advisory 2012-1059-01
Posted Jul 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1059-01 - RESTEasy provides various frameworks to help you build RESTful web services and RESTful Java applications. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, java, remote, web, xxe
systems | linux, redhat
advisories | CVE-2012-0818
SHA-256 | e3a2bf9a1dc1efec91da14d3163b81d65b43040761d051feb37bae44cdf25454
Red Hat Security Advisory 2012-1056-01
Posted Jul 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1056-01 - RESTEasy provides various frameworks to help you build RESTful web services and RESTful Java applications. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, java, remote, web, xxe
systems | linux, redhat
advisories | CVE-2012-0818
SHA-256 | 6557059760455431acac8d483403f3918f56868f81fd392dee90b7d5ddc1473c
Red Hat Security Advisory 2012-1058-01
Posted Jul 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1058-01 - RESTEasy provides various frameworks to help you build RESTful web services and RESTful Java applications. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, java, remote, web, xxe
systems | linux, redhat
advisories | CVE-2012-0818
SHA-256 | 05f9c0682e27949bf1f2becff450f31daba1cdb97b54e04910f8671124a8f236
Red Hat Security Advisory 2012-0519-01
Posted Apr 25, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0519-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. This release of JBoss Enterprise Portal Platform 5.2.1 serves as a replacement for JBoss Enterprise Portal Platform 5.2.0, and includes bug fixes.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2011-4314, CVE-2012-0818
SHA-256 | 4c2d7e867f2236c82154ad3fdca5b623e021c311c49562d7e1ef097fb83249f5
Red Hat Security Advisory 2012-0441-01
Posted Apr 3, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0441-01 - JBoss Enterprise BRMS Platform is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for JBoss Enterprise BRMS Platform 5.2.0. It includes various bug fixes and enhancements. The following security issues are also fixed with this release: It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, remote, xxe
systems | linux, redhat
advisories | CVE-2011-4314, CVE-2012-0818
SHA-256 | aa88fdb7a6bd80c673f8c3a8fd33a6748135e59f49d09b6b5f841cb97ee7fcb8
Red Hat Security Advisory 2012-0421-01
Posted Mar 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0421-01 - Red Hat Enterprise Virtualization Manager is a visual tool for centrally managing collections of virtual machines running Red Hat Enterprise Linux and Microsoft Windows. These packages also include the Red Hat Enterprise Virtualization Manager REST API, a set of scriptable commands that give administrators the ability to perform queries and operations on Red Hat Enterprise Virtualization Manager. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker who is able to access the Red Hat Enterprise Virtualization Manager REST API submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, remote, xxe
systems | linux, redhat, windows
advisories | CVE-2012-0818
SHA-256 | d2a9d377caafb6815fcd666dfd9df10b3dff9a2401747a63f81e7690560814dd
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close